As more and more people adopt digital devices and go online, many criminals have moved away from in-person scams and petty crime and toward online scams and cybersecurity attacks. Seniors, unfortunately, have become a key target for many of these scammers.
A recent survey by National Seniors showed that of the nearly 5000 people aged over 50 surveyed, 22 per cent said they had been a victim of an internet scam, with many reporting being bombarded by scammers on a regular basis.
The fact is, survey found that those who use the internet less frequently are more likely to fall victim to a scam – regardless of age. The telltale signs of someone who is untrustworthy or malicious can be vastly different in an online setting compared to an in-person interaction. This can make it very difficult for anyone unfamiliar with cybersecurity best practices to recognise what an online scam or cyberattack looks like, or to know how best to respond.
To help you and your family stay aware and protected from cyberthreats, the team at cybersecurity company ESET has put together this guide on what seniors should look out for online.
Cybercriminals & scammers targeting senior Australians
The number of seniors being contacted by online scammers is on the rise. The Australian Competition and Consumer Commission (ACCC) reported that over-65s submitted more than 26,400 reports to Scamwatch in 2018 (a 5% rise), detailing losses of over $21.4 million – an increase of 22%.
Senior Australians are becoming increasingly switched on to the threats of cybercrime and online scams as they continue to adopt digital habits. National Seniors found that over half of respondents aged 80-plus use an internet search engine every day, over 50% use online banking at least once a week, over 30% group text every day and nearly 20% are on Facebook every day.
But ACC Deputy Chair Delia Rickard says cybercriminals and scammers are adapting, too.
“Scammers will scour dating sites and social media for older Australians who have recently divorced or lost a long-term partner, taking advantage of those who are inexperienced with these sites and may be in a vulnerable emotional state,” Delia Rickard says.
What kind of cyberthreats should seniors watch out for?
Common online scams and cyberthreats targeting seniors often involve a combination of traditional and digital scam tactics – such as fake phone calls claiming to be from Telstra or other major ISPs threatening to cut off your internet connection, or from a bogus Microsoft support personnel feigning a computer error or virus. Other scams are encountered on social media, dating and networking sites.
“Scammers will scour dating sites and social media for older Australians who have recently divorced or lost a long-term partner, taking advantage of those who are inexperienced with these sites and may be in a vulnerable emotional state,” ACCC Deputy Chair Delia Rickard says.
Social engineering tactics also remain a major cyberthreat to seniors and non-seniors alike. These attacks work by tricking users into giving up sensitive information or passwords, clicking dangerous links, or downloading malicious attachments. This can include computer extortion, where money or cryptocurrency is demanded to remove a virus accidentally downloaded by a senior onto their PC.
The most common vehicle for cyberattacks remains phishing, which accounted for 20% of all security incidents in 2018 according to the 2018/2019 BDO and AusCERT Cyber Security Survey. Cyberattacks like phishing are predominantly encountered in emails, as well as text messages, in-game messaging, and social media apps like Facebook Messenger and WhatsApp.
Online banking breaches
As more Australians begin to use online banking, another emerging cyberthreat is online banking scams. Cybercriminals send out emails that appear to be from your bank or other financial institution, usually asking for your account details to confirm a transaction or to investigate unusual activity. With access to your private data, cybercriminals can then make online or over-the-phone purchases. Another method common in mobile banking scams is the use of fake banking apps, to trick you into disclosing the same personal details.
Using insecure or public Wi-Fi networks can leave you open to what are known as “man-in-the-middle attacks”. Hackers can easily exploit the attractiveness of public Wi-Fi networks to intercept data that passes between you and the websites you visit – including stealing banking logins, personal data or account details. Spoofing these networks, they may also use them to install malware on your device.
Building up your cyber-resilience
To stay protected against ever evolving cyberthreats and online scams, it’s important to stay vigilant, up-to-date, and continue to build cyber resilient habits.
1. Update your devices
If you have a computer, smartphone or tablet, you need to keep its operating system and applications up to date. The easy way to do this is by ensuring automatic updates are enabled – eon contemporary devices this should be the default setting, but it never hurts to check. You should also set up a PIN or password to secure your mobile devices when you aren’t using them, and again, do not use your birthday for the PIN or password. Many mobile devices have fingerprint readers, and enabling them to prevent unauthorised access is also a great option!
2. Use unique passwords everywhere
Your computers, mobile devices and online accounts should all be protected with passwords that you do not use anywhere else. Also, don’t include information that people can easily guess, such as your birthday or name, or that they can get from social media posts, such as your pet’s name, the school you attended and so on.
Billions of online account details, often including usernames, full names and/or email addresses paired with plaintext or easily derived passwords, have already been compromised. Many of these have been made available in the cybercriminal underground, and sometimes publicly, and pairing those usernames and passwords to other accounts and user devices has been an active interest of cybercriminals for several years. This makes password reuse one of the most dangerous online actions you can take.
3. Install two- or multi-factor authentication
Enable two- or multi-factor authentication for your logins. This is a method where you confirm your identity when you log into an account by presenting your password and a further piece of evidence, such as a code sent to your mobile phone. This makes it much harder for hackers to access your accounts, and these systems often allow you to be alerted to any attempts to access your account from other devices. It’s also a good idea to sign out of sensitive accounts, such as online banking apps, once you’ve finished using them.
4. Watch out for common scams
Don’t reply to or click the links in suspicious emails, ads, or SMS messages, to avoid falling victim to a phishing scam. Always double-check the “from” line of your received emails, and look out for suspicious wording or misspellings – that’s often a clue. Hover over links in emails instead of clicking on them instantly, and be aware that looks can be deceiving – if you don’t recognise the sender of an email or message, or read something that sounds too good to be true (like you’ve won a competition you never entered), then be very careful. When in doubt, delete the email or message.
Seniors are also often targeted in dating scams. If using online dating sites, or courted via social media, beware of overly enthusiastic approaches, or those who quickly shift from introductory chat to expressing their undying love. Another common sign of dating scams is being urged to move from the online dating site (whose fraud controls might otherwise detect such scams) to other chat or messaging systems, such as email, Skype or even SMS.
To prevent unwanted network breaches, avoid using public Wi-Fi networks when out and about, at shopping centres or airports. If you have to use public Wi-Fi, don’t access sensitive accounts like your banking, email or social media. Your best bet is to switch off Wi-Fi and use your mobile data for simple internet tasks like Googling while on the go.
5. Install cybersecurity software
A firewall acts as one of the first layers of protection between your computer and any hackers or scammers trying to access your device and data. If you’re using a home computer, you need to ensure that a firewall is installed and always turned on in your settings. An up-to-date cybersecurity software usually includes a comprehensive firewall.
All-inclusive cybersecurity software packages are among the most important solutions you can use to prevent a cyberattack or scam breaching your personal devices and data. A comprehensive internet security solution such as ESET Smart Security Premium is a sure way to safeguard your data and protect yourself across multiple platforms. For more information, contact the ESET team online or call 1300 084 040 today!